There was a bit of a stink today about an antivirus vendor claiming that Microsoft's November security patches caused computers to show a 'black screen of death'. Microsoft has investigated the issue, and states that the antivirus vendor, Prevx, is wrong.

It's good that they apologized, but still irritating that they didn't do this basic detective work beforehand. Many people won't ever see that follow-up, and they'll just remember hearing that Microsoft screwed up with their updates. To the extent it discourages people from patching regularly, it's especially bad, since keeping software up to date is such an important part of keeping a system secure. In effect, this security firm helps create a less secure environment. This is why responsible disclosure is so important. I mean, if an investigation reveals there's a clear problem and the vendor dismisses or minimizes the issue, by all means raise a sh*tstorm, but at least try to work with them and do thorough research before making these kinds of claims. Incidents like this just lend credence to the notion that security firms are just fearmongering opportunists, and that this one in particular shouldn't be trusted.